Instant OSSEC Host-based Intrusion Detection System [Instant]


This title is available as an eBook only
Instant OSSEC Host-based Intrusion Detection System [Instant]
eBook: $19.99
Formats: PDF, PacktLib, ePub and Mobi formats
$16.99
save 15%!
Print & eBook also available on:
Learn in an Instant - Short, Fast, Focused
Overview
Table of Contents
Author
Support
Sample Chapters
  • Learn something new in an Instant! A short, fast, focused guide delivering immediate results.
  • Install, configure, and customize an OSSEC-HIDS for your environment
  • Manage your OSSEC-HIDS robust and comprehensive security checks
  • Write your own rules and decoders to enhance alert accuracy and expand operational and security intelligence

Book Details

Language : English
eBook : 62 pages
Release Date : July 2013
ISBN : 1782167641
ISBN 13 : 9781782167648
Author(s) : Brad Lhotsky
Topics and Technologies : All Books, App Testing, Instant, Networking and Servers, Security and Testing, Open Source

Table of Contents

Preface
Instant OSSEC Host-based Intrusion Detection
  • Instant OSSEC Host-based Intrusion Detection
    • Installing OSSEC (Simple)
    • Configuring an OSSEC server (Simple)
    • Getting agents to communicate (Simple)
    • Writing your own rules (Simple)
    • Detecting SSH brute-force attacks (Intermediate)
    • Configuring the alerts (Simple)
    • File integrity monitoring (Simple)
    • Monitoring command output (Intermediate)
    • Detecting rootkits and anomalies (Simple)
    • Introducing active response (Intermediate)
    • Verifying alerts with active response (Advanced)

Brad Lhotsky

Brad Lhotsky started working with Unix systems professionally in 1998 as a system administrator, database administrator, network engineer, programmer, and security administrator. He has been an active member of the OSSEC HIDS community since 2004. He currently administers one of the largest OSSEC HIDS deployments in the world!
Sorry, we don't have any reviews for this title yet.

Code Downloads

Download the code and support files for this book.


Submit Errata

Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.

Sorry, there are currently no downloads available for this title.

Frequently bought together

Instant OSSEC Host-based Intrusion Detection System [Instant] +    Puppet 3 Cookbook =
50% Off
the second eBook
Price for both: €27.35

Buy both these recommended eBooks together and get 50% off the cheapest eBook.

What you will learn from this book

  • Installing OSSEC-HIDS in local, server, and agent mode
  • Customizing alerting to increase the signal to noise ratio
  • Writing your own rules to extend, enhance, and tailor alerts to your environment
  • Writing your own decoders to add context to alerts and active responses
  • Learning tips for managing large OSSEC-HIDS installs
  • Monitoring command output for security and operational awareness
  • Auditing systems for compromise with a sensitivity to performance of those systems
  • Configuring Active Response to protect servers from SSH brute force attacks

In Detail

Security software is often expensive, restricting, burdensome, and noisy. OSSEC-HIDS was designed to avoid getting in your way and to allow you to take control of and extract real value from industry security requirements. OSSEC-HIDS is a comprehensive, robust solution to many common security problems faced in organizations of all sizes.

"Instant OSSEC-HIDS" is a practical guide to take you from beginner to power user through recipes designed based on real- world experiences. Recipes are designed to provide instant impact while containing enough detail to allow the reader to further explore the possibilities. Using real world examples, this book will take you from installing a simple, local OSSEC-HIDS service to commanding a network of servers running OSSEC-HIDS with customized checks, alerts, and automatic responses.

You will learn how to maximise the accuracy, effectiveness, and performance of OSSEC-HIDS’ analyser, file integrity monitor, and malware detection module. You will flip the table on security software and put OSSEC-HIDS to work validating its own alerts before escalating them. You will also learn how to write your own rules, decoders, and active responses. You will rest easy knowing your servers can protect themselves from most attacks while being intelligent enough to notify you when they need help!

You will learn how to use OSSEC-HIDS to save time, meet security requirements, provide insight into your network, and protect your assets.

Approach

Filled with practical, step-by-step instructions and clear explanations for the most important and useful tasks. A fast-paced, practical guide to OSSEC-HIDS that will help you solve host-based security problems.

Who this book is for

This book is great for anyone concerned about the security of their servers-whether you are a system administrator, programmer, or security analyst, this book will provide you with tips to better utilize OSSEC-HIDS. Whether you’re new to OSSEC-HIDS or a seasoned veteran, you’ll find something in this book you can apply today!

This book assumes some knowledge of basic security concepts and rudimentary scripting experience.

Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Resources
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software